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DETAILED ACTION 

Response to Amendment 

This action is in response to Applicant's amendment filed January 9, 2006. Claims 1-40 
are pending in the present application. 

Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-40 are rejected under 35 U.S.C. 103(a) as being unpatentable over USPN 
6,122,664 issued to Boukobza et al. (hereinafter referred to as Boukobza) in view of US 
2004/0107362 by Ravishankar et al. (hereinafter referred to as Ravishankar). 

Regarding claim 1, Boukobza teaches a method of controlling the usage by an attached 
function of network services associated with a network system that includes the attached 
function, one or more other attached functions and network infrastructure, the method 
comprising the steps of: 

a. obtaining information associated with the network system (abstract); 
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b. setting one or more static policies for network services usage by the attached function 
(col. 2, lines 21-36; col. 3, line 60 to col 4, line 5); 

c. setting one or more dynamic policies for network services usage by the attached 
function (col 2, lines 21-36; col. 3, line 60 to col. 4, line 5); and 

d. monitoring the network system for triggers (abstract). 

However, Boukobza fails to explicitly teach: e. modifying by one or more devices of the 
network infrastructure the static policies, the dynamic policies, or both for the attached function 
based upon the detection of one more triggers. In an analogous art, Ravishanka teaches 
modifying by one or more devices of the network infrastructure the static policies, the dynamic 
policies, or both for the attached function based upon the detection of one more triggers [0035 
and 0036]. At the time the invention was made, one of ordinary skill in the art would have been 
motivated to modify the dynamica and static policies upon the detection of a trigger in order to 
protect the managed resources in the network (abstract), thus making the network system more 
robust to threats. 

Regarding claim 2, Boukobza teaches the method as claimed in claim 1 further 
comprising the step of saving set and modified policies associated with the attached function as 
policy history for the attached function (col. 18, lines 49-53). 
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Regarding claim 3, Boukoba teaches the method as claimed in claim 2 further comprising 
the step of querying whether a policy history exists for the attached function after obtaining the 
information from the network system (col. 22, lines 24-27). 

Regarding claim 4, Boukoba teaches the method as claimed in claim 2 wherein the step 
of saving the set and modified policies associated with the attached function includes the step of 
caching some or all of the policy history in a network system device (col. 30, line 58-62). 

Regarding claim 5, although Boukoba does not explicitly teach the method as claimed in 
claim 4 further comprising the step of invalidating the cached policy history based upon the 
occurrence of a specified event, it is well known in the art that cache can be invalidated anytime 
upon a user's command or specification. 

Regarding claim 6, Boukoba teaches the method as claimed in claim 5 wherein the 
specified event is selected from the group consisting of time, size limitations, storage limits, a 
policy change, or a network system change (col. 2, lines 14-20). 
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Regarding claim 7, Boukoba teaches the method as claimed in claim 2 further comprising 
the step of evaluating whether the policy history includes any static policies that may be set for 
the attached function in a current session (col. 18, lines 49-53). 

Regarding claim 8, Boukoba teaches the method as claimed in claim 1 wherein the 
triggers include timeouts, attached function changes, network infrastructure changes, intrusion 
detection events, firewall events, administrator inputs, network service changes and network 
service change requests (abstract). 

Regarding claim 9, Boukoba teaches the method as claimed in claim 1 wherein the 
information includes attached function information, access device information, access port, 
number of devices per port, priority per port, priority per application, priority per device, 
application requested, exchange protocols available, port security, access location, and access 
time (col. 6, lines 65-67). 

Regarding claim 10, Boukoba teaches the method as claimed in claim 1 wherein the only 
static policy is that there are only dynamic policies (abstract). 
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Claims 1 1-17 are similar to claims 1-6 and 8, respectively, therefore are rejected under 
the same rationale. 

Regarding claim 18, Boukoba teaches a system to control the usage by an attached 
function of network services associated with a network system that includes the attached 
function, one or more other attached functions and network infrastructure, the system 
comprising: 

a. means, forming part of the network system, for obtaining information associated with 
the network system (abstract). 

However, Boukoba does not explicitly teach: b. a dynamic policy function module of the 
network infrastructure for setting static and dynamic policies for the attached function, for 
monitoring the network system for triggers, and for modifying the static policies, the dynamic 
policies, or both for the attached function based the detection of one or more triggers. 

In an analogous art, Ravishanka teaches modifying by one or more devices of the 
network infrastructure the static policies, the dynamic policies, or both for the attached function 
based upon the detection of one more triggers [0035 and 0036]. At the time the invention was 
made, one of ordinary skill in the art would have been motivated to modify the dynamica and 
static policies upon the detection of a trigger in order to protect the managed resources in the 
network (abstract), thus making the network system more robust to threats. 



Application/Control Number: 1 0/629,33 1 Page 7 

Art Unit: 2143 

Regarding claim 19, Boukoba teaches the system as claimed in claim 18 wherein the 
dynamic policy function module is a centralized module of a policy server of the network 
infrastructure (see the figure). 

Regarding claim 20, Boukoba teaches the system as claimed in claim 18 further 
comprising means for saving set and modified policies history (col. 18, lines 49-53). 

Regarding claim 21 , Boukoba teaches the system as claimed in claim 20 wherein the 
means for storing set and modified policies history forms part of the policy server of the network 
infrastructure (col. 18, lines 49-53). 

Regarding claim 22, Boukoba teaches the system as claimed in claim 20 wherein the 
means for storing set and modified policies forms part of an interconnection device of the 
network infrastructure (figure). 

Regarding claim 23, Boukoba teaches the system as claimed in claim 18 wherein the 
dynamic policy function module is a distributed module forming portions of two or more devices 
of the network infrastructure (figure). 
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Regarding claim 24, Boukoba teaches the system as claimed in claim 23 wherein the two 
or more devices are selected from a combination of one or more servers and one or more 
interconnection devices or a combination of two or more interconnection devices (figure). 

Regarding claim 25, Boukoba teaches the system as claimed in claim 20 wherein the 
means for saving set and modified policies includes means for caching the set and modified 
policies on a centralized network device, a local network device, or a combination of a 
centralized network device and a local network device (figure; col. 18, lines 49-53). 

Regarding claim 26, although Boukoba does not teach the system as claimed in claim 18 
wherein the means for obtaining information associated with the network system includes IEEE 
802. IX authentication, RADIUS authentication, or a combination of IEEE 802. IX authentication 
and RADIUS authentication of the attached function, this feature is well known in the art as 
taught by Applicant's background in the specification. 

Claims 27-3 1 are similar to claims 18-22, therefore are rejected under the same rationale. 

Claims 32-33 are similar to claims 18 and 23, therefore are rejected under the same 
rationale. 
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Claim 34 is a combination of claims 1 and 2, therefore are also rejected under the same 
rationale. 

Regarding claim 35, Boukoba teaches the system as claimed in claim 34 wherein the 
policies histories are saved on a policy server of the network infrastructure (figure). 

Regarding claim 36, Boukoba teaches the system as claimed in claim 34 wherein the 
policies histories are saved on one or more local network devices of the network infrastructure 
(figure). 

Claims 37-39 are similar to claims 34, 5, and 6, respectively, therefore are rejected under 
the same rationale. 

Claim 40 is similar to claims 1, therefore is rejected under the same rationale. 

Response to Arguments 
Applicant's arguments have been considered but are moot in view of the new ground(s) 
of rejection. 
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Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, TfflS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1. 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Alina N. Boutah whose telephone number is 571-272-3908. The 
examiner can normally be reached on Monday-Friday (9:00 am - 5:00 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on 571-272-3923. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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